There has been a 2500% increase in the sale of cybercrime kits on the dark-web since 2016, said Angus Taylor MP, Australian Minister for Law Enforcement and Cyber Security in a recentinterview.Taylor expressed his concern about this surge in online criminal activity. He noted that there has been “a high take-up of digital technologies” by Australian companies, but about 30% of smaller companies have inadequate cybersecurity measures in place. “Businesses often find it hard to recover after a cybersecurity incident. When small businesses experience a significant cyber breach, 60 per cent will go out of business within six months," Taylor said.

Fraud figures alarming

Australian Government estimates assert that 90 per cent of Australian small businesses are online and that this digital migration is creating abundant vulnerabilities for criminals to exploit.

Stay Smart Online- the Australian online advisory organisation - says that the total cost of cybercrime against small to medium businesses (SMEs) is more than AU$1 billion per year. More than half of Australian organisations have their business interrupted by cybercrime every month, according to Stay Smart Online advice.

Australian companies are at greatest risk of attack via email and social media. TheAustralian Competition and Consumer Commission(ACCC) monitors fraud in Australia and places online crime high on its agenda of threats.ACCCfigures put the cost of email-based attacks alone, at more than AU$22 million in 2017.

Better defences needed

The increasing emphasis on cybersecurity in large companies has seen a surge in attacks onsmall businessowners.

The outdated idea that endpoint antivirus is the best way to defend against cybercrime reflects a misunderstanding by businesspeople about the way contemporary online fraud works. Criminals are increasingly eschewing tactics like ransomware in favour of human-targeted attacks likephishing.

"As governments, utilities and corporations harden their cybersecurity, the criminals are seeing SMEs as vulnerable targets. At a time when small business owners are becoming more reliant on digital applications for things like accounting and banking, many of them have outdated views of the online world. One report found that 87 per cent of SME business owners thought an anti-virus application would protect them from a cyber attack."- Angus Taylor MP, Australian Minister for Law Enforcement and Cyber Security.

There’s a perception amongst small business operators that premium grade cybersecurity is beyond their reach, but the key to effective protection isn’t necessarily spending more. It requires a combination of up-to-date software solutions and staff education to make them aware of the hazards of email-based attacks.

Cybersecurity that works

A recentreportfrom APWG -the Anti-Phishing Working Group- revealed that phishing attacks have surged 46% since 2017. The total number of phishing attacks detected by survey respondents in Q1 2018 was 263,538; up from 180,577 in Q4 2017.

Phishingtargets people. Aphishingmessage typically includes a link that sends the unwary victim to a fake login page. Once there, the user will be asked to enter a username and password, data that will be automatically captured by the criminals behind the attack.Criminals use phishing to collect login credentials for email accounts, bank accounts, and a wide range of other online services. They then use the information they gather to break into company computer systems.Phishing attackers know that not everyone will click on the bait, but they know that if they send enough emails out the odds are in their favour.

“Prevention is the only strategy that works dealing with cybercrime. Simply running an occasional virus scan on your laptop doesn’t cut it anymore - it’s like defending yourself from terrorism by keeping a baseball bat under your bed,” Craig McDonald, MailGuard CEO, wrote in a recentarticle.“To successfully confront the new wave of cybercrime we have to use every resource available to us because that’s exactly what cybercriminals are doing. One means of defence just isn’t enough. It only takes one personnaively clickingon one link to bring a company to a standstill. No defence against cybercrime is 100% effective, but if we adopt a layered defence strategy, we at least give ourselves the best possible protection.”

Choosing threat protection

The majority of online threats targeting companies are coming at them through email and social media channels so detecting them requires a sophisticated filter examining every interaction for signs of malicious intent.

The Australian Government has recently established a newsecure cloudenvironment for their security-sensitive data management, demonstrating a commitment to improving Australia’s cybersecurity posture.Cloud-based platforms are a good option for SMEs, according to Minister for CybersecurityAngus Taylor,because cloud service providers offer cutting-edge security systems.

When choosing a cybersecurity provider, companies should consider their speed and responsiveness to emerging threats, but also the threat vector’s that pose the greatest risk. With the majority of cyber-attacks being delivered via email, sticking with just a PC based virus detection solution isn’t going to maximise their protection.

Securing small companies

Doing business online opens up opportunities for SMEs, but with that opportunity comes significant risk. Cybercriminals use simple phishing emails to infiltrate organisations and attack them from the inside. All criminals need to break into your business is a cleverly worded email. If they can trick one person in a company into clicking on a malicious link they can gain access to their data.

MailGuard'spredictive email security filters out malicious messages before they reach company inboxes, minimising the risk of inadvertent data exposure.

MailGuard is a proud launch partner of the Australian Governments newsecure cloud, protecting the data of government agencies and critical infrastructure organisations. Learn more about the benefits of MailGuard's cloud-based security,here.

Talk to us

MailGuard's partner blogis a forum to share information and we want it to be a dialogue. Reach out to us and tell us what your customers need so we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.